Hikvision video encoding Device Access Gateway /transformServer/serverConfigInfo.php injection vulnerability

No description provided by source...

Adobe Flash Player Memory Corruption (APSB16-04: CVE-2016-0970)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is caused by malformed parameters of a video encoding in a flv video file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file that could lead to arbitrary code...

UBUNTU-CVE-2015-8217

The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...

Google Chrome FFmpeg Competitive Conditions Vulnerability

Google Chrome is an open source WEB browser. The 'updatedimensions' function in the libavcodec/vp8.c file of FFmpeg used by Google to perform multi-threaded operations relies on coefficient-partition counting, allowing remote attackers to build special WebM files for denial-of-service attacks...

UBUNTU-CVE-2015-6821

The ffmpvcommoninit function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted MPEG data...

Mozilla: Overflow issues in libstagefright (MFSA 2015-83)

Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding...

UBUNTU-CVE-2015-4480

Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding...

FFmpeg and Libav 'libavcodec/xface.h' Denial of Service Vulnerability

FFmpeg is a free program that performs recording, transferring and streaming of audio and video in various formats. FFmpeg versions prior to 2.5.2 libavcodec/xface.h establishes certain numeric and word array dimensions that do not conform to the required mathematical relationships, which can be...

Remote command injection in Ruby Gem kelredd-pruview 0.3.8

Remote command injection in Ruby Gem kelredd-pruview 0.3.8 Larry W. Cashdollar 4/4/2013 @larry0 Description: "A gem to ease generating image previews thumbnails of various files." https://rubygems.org/gems/kelredd-pruview Remote commands can be executed if the file name contains shell meta...

MPEG-4 Codec RCE Vulnerability (975558)

This host is missing a critical security update according to Microsoft Bulletin MS10-062. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...